JPPO
|
|
2 hits : Port 80/443 : GET /.git or /.git/HEAD, /.git/config ... /.DS_store
|
Web App Attack
|
|
TheMadBeaker
|
|
Fail2Ban Ban Triggered
HTTP Exploit Attempt
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.co ... show more(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 06:26:06.968351 2025] [security2:error] [pid 3303168:tid 3303168] [client 3.84.30.1:59366] [client 3.84.30.1] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.goldencalculator.com"] [uri "/.git/config"] [unique_id "Z4ZJziJaPuCQ8DOpQOjSrQAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.co ... show more(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 06:04:57.404735 2025] [security2:error] [pid 48093:tid 48093] [client 3.84.30.1:55450] [client 3.84.30.1] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.crowleywoodworking.com"] [uri "/.git/config"] [unique_id "Z4ZE2RP92rchcsAtTbhklwAAABU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Charles
|
|
3.84.30.1 - - [14/Jan/2025:18:48:19 +0800] "GET /.git/config HTTP/1.1" 404 6423 "-" "Mozilla/5.0 (X1 ... show more3.84.30.1 - - [14/Jan/2025:18:48:19 +0800] "GET /.git/config HTTP/1.1" 404 6423 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36"
... show less
|
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.co ... show more(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 05:44:04.694999 2025] [security2:error] [pid 23927:tid 23974] [client 3.84.30.1:48318] [client 3.84.30.1] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.acornway.com"] [uri "/.git/config"] [unique_id "Z4Y_9NIJzraOH-VYWBkbRgAAAEw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.co ... show more(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 05:24:51.946879 2025] [security2:error] [pid 22330:tid 22330] [client 3.84.30.1:58258] [client 3.84.30.1] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.autumn-kennedy.com"] [uri "/.git/config"] [unique_id "Z4Y7c8yB70m85Dnzsk3HCQAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.co ... show more(mod_security) mod_security (id:210492) triggered by 3.84.30.1 (ec2-3-84-30-1.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 05:04:04.109146 2025] [security2:error] [pid 10948:tid 10948] [client 3.84.30.1:33996] [client 3.84.30.1] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stpvilla.com"] [uri "/.git/config"] [unique_id "Z4Y2lDdZW3ra-Z0L3WgDYAAAAA8"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|